A Defense Method Against Persistent Fault Attack

Abstract

Persistent fault attack is a powerful attack technology to recover key information by using persistent fault and statistical methods. It can be applied to the key recovery realized by block cipher look-up table. Its biggest advantage is that the key information can be recovered only by one failure injection, and persistent fault attack can be applied to the classic block cipher protection implementation such as detection technology and mask technology. Nevertheless, the classic fault attack protection technology still improves the difficulty of persistent fault attack. The detection and infection technologies increase the number of ciphertext required to extract the correct key by a constant multiple, which will hinder the attack in the actual scene. Real time health detection of S-box is an effective means to prevent persistent fault attacks. Once the injected fault of S-box is detected, reset, restart or refuse to continue encryption. However, this defense strategy is not effective against multiple persistent fault attacks without changing the secret key. Persistent fault attack makes full use of the double mapping property of S-box, so health detection based on the double mapping property of S-box is an efficient protection method. Compared with the traditional detection method, the 255 times XOR method proposed in this paper has low cost and high efficiency, and the single byte modification of S-box after inspection can effectively mislead the encrypted data obtained by the attacker, even if this data is extremely useful to attackers. The research results of this paper show that the proposed defense scheme can effectively resist three secret key analysis strategies of persistent fault attack.